Designing a package manager from the ground up (opens in new tab)

(circleci.com)

76 pointsfro01167y ago17 comments

17 comments

15 comments · 3 top-level

bluejekyll7y ago· 8 in thread

> Orbs have a domain-specific language (DSL) defined in YAML syntax that expresses the semantics of our build configuration.

Am I the only one who finds YAML to be difficult to reason about? I find that if the config is that complex, JSON or XML to be much easier to deal with. I think of TOML as the best balance between ease of use and expressiveness.

These ORBs sound similar to docker images, I’m surprised they didn’t offer a comparison, like “why not docker?”, or did I miss it?

sirn7y ago

Orb is actually a Docker image (executor) plus few defined commands. Say, if you want to build a custom Slack notification for multiple projects, you'd create an Orb with an executor and a command, e.g.

    executors:
      alpine:
        docker:
          - image: alpine:3.6
    
    parameters:
      webhook_url:
        description: URL to Slack webhook
        type: string
      message:
        description: Message to post to Slack
        type: string
    
    commands:
      notify:
        description: "Notify Slack"
        executor: alpine
        steps:
          - run:
              name: Notify Slack
              command: |
                curl -X POST -H 'Content-Type: application/json' --data "{ \
                  \"attachments\": [ \
                    { \
                      \"fallback\": \"<<parameters.message>>\", \
                      \"text\": \"<<parameters.message>>\", \
                      \"mrkdwn\": true, \
                      \"color\": \"#1cbf43\", \
                    } \
                  ] \
                }" <<parameters.webhook_url>>

So if I publish this Orb as say sirn/slack@dev, anyone can use this Orb in their build pipeline with:

    orbs:
      slack_notify: sirn/slack@dev

    workflow:
      foo:
        jobs:
          - slack/notify:
              webhook_url: "..."
              message: "..."

I've been using Orb for the past month and I see Orb as a more of a way to share common steps definition (à la Ansible Galaxy) than something of Apt/Brew/NixPkg caliber. It's convenient in CircleCI's context, and easier to get started than trying to build a shared Jenkins Pipeline Scripts, but it's still weird that we're programming in YAML leveraging shell scripts instead of going directly to shell script (which is part of why I love builds.sr.ht).

peterwwillis7y ago

Man, that's terrible. How the hell are you supposed to syntax check that, or version control it, or collaborate on it? Extract it from yaml, do a thing, test it, then put it back in yaml, then run it and test it again? And if anyone else wants to make a change to your change, they now have to do the same? What a pain in the ass.

If this is all Docker containers anyway, why aren't they just creating Docker images and referencing them? They're just shoving a Dockerfile into YAML, without the benefit of it actually being a Dockerfile.

jillesvangurp7y ago

At least yaml allows for comments. This is not supported with JSON (at least not with most parsers).

I recently migrated a javascript project to typescript. We had some yaml based localization file and I decided to turn it into a typescript file by translating the yaml into json and then turning that into a ts file that exports constants. Crucially, typescript can do type inference and multiline strings.

The benefits of this are that I can now autocomplete keys in the file elsewhere in my code and get their type inferred correctly.

Similarly, gradle now supports kotlin in addition to groovy as a language for specifying build files in. The gradle dsl is more or less a declarative DSL. Using a statically compiled language such as Kotlin means you gain type safety and better tool support (autocomplete, correctness checking). Relative to Groovy you don't actually lose anything in terms of expressiveness but you gain a lot.

Neither typescript nor Kotlin are particularly more verbose than JSON though the lack of supporting a colon to map keys to values in a dictionary remains an unfortunate language choice in Kotlin.

Probably typesafe configuration DSLs are going to be a thing in the future. Neither JSON nor Yaml really do this. And schemas just add a lot of cruft.

oblio7y ago

> Probably typesafe configuration DSLs are going to be a thing in the future. Neither JSON nor Yaml really do this. And schemas just add a lot of cruft.

You kind of need schemas. Or you need better type systems. I want at least regexp validation, interval validation, etc. from my configuration files.

1 more reply

shusson7y ago

Yeah I had a similar experience recently moving our elastisearch mapping from plain JSON into typescript. Boy does it help immensely, especially if you have a lot of duplicated fields.

pjmlp7y ago

You are not alone, I had to use Yaml for some Swagger related work, hoping never to deal with it again.

I rather have my json, but preferably XML with schema validation, having the joy of auto-complete and proper documentation.

peterwwillis7y ago

JSON is a bare data format, YAML is a feature-filled data format, TOML is a configuration format, XML is punishment from God for our sins of over-engineered design by working group. They'll be useful for different things (simple data transfer, complex data objects represented in applications, configuring an application, and sadism/masochism, respectively)

anton_gogolev7y ago

I've been using HJSON lately and it's been a joy.

iceninenines7y ago· 4 in thread

Not another vendor-lock-in package manager. And, very predictably, no end-to-end integrity and nonrepudiation. smh.

peterwwillis7y ago

Yeah, it's unfortunate. Rather than a solution that could be adopted outside of CCI, this is only useful in those configs. So as soon as you use them in your org with this product, you have to reinvent the wheel to get the same functionality in any other CI that a different team might be using.

fwip7y ago

Which package manager do you feel gets it right?

jf7y ago

I’m not the OP but Nix/NixOS is the closest I’ve ever seen to a “Platonic ideal” package manager

rkeene27y ago

I think you'll like AppFS

http://AppFS.rkeene.org/

oblio7y ago

I really like their "volatile" decision. More package managers need to adopt it, in my opinion.

j / k navigate · click thread line to collapse

17 comments

15 comments · 3 top-level

bluejekyll7y ago· 8 in thread

> Orbs have a domain-specific language (DSL) defined in YAML syntax that expresses the semantics of our build configuration.

These ORBs sound similar to docker images, I’m surprised they didn’t offer a comparison, like “why not docker?”, or did I miss it?

sirn7y ago

    executors:
      alpine:
        docker:
          - image: alpine:3.6
    
    parameters:
      webhook_url:
        description: URL to Slack webhook
        type: string
      message:
        description: Message to post to Slack
        type: string
    
    commands:
      notify:
        description: "Notify Slack"
        executor: alpine
        steps:
          - run:
              name: Notify Slack
              command: |
                curl -X POST -H 'Content-Type: application/json' --data "{ \
                  \"attachments\": [ \
                    { \
                      \"fallback\": \"<<parameters.message>>\", \
                      \"text\": \"<<parameters.message>>\", \
                      \"mrkdwn\": true, \
                      \"color\": \"#1cbf43\", \
                    } \
                  ] \
                }" <<parameters.webhook_url>>

So if I publish this Orb as say sirn/slack@dev, anyone can use this Orb in their build pipeline with:

    orbs:
      slack_notify: sirn/slack@dev

    workflow:
      foo:
        jobs:
          - slack/notify:
              webhook_url: "..."
              message: "..."

peterwwillis7y ago

jillesvangurp7y ago

At least yaml allows for comments. This is not supported with JSON (at least not with most parsers).

The benefits of this are that I can now autocomplete keys in the file elsewhere in my code and get their type inferred correctly.

Neither typescript nor Kotlin are particularly more verbose than JSON though the lack of supporting a colon to map keys to values in a dictionary remains an unfortunate language choice in Kotlin.

Probably typesafe configuration DSLs are going to be a thing in the future. Neither JSON nor Yaml really do this. And schemas just add a lot of cruft.

oblio7y ago

> Probably typesafe configuration DSLs are going to be a thing in the future. Neither JSON nor Yaml really do this. And schemas just add a lot of cruft.

You kind of need schemas. Or you need better type systems. I want at least regexp validation, interval validation, etc. from my configuration files.

1 more reply

shusson7y ago

Yeah I had a similar experience recently moving our elastisearch mapping from plain JSON into typescript. Boy does it help immensely, especially if you have a lot of duplicated fields.

pjmlp7y ago

You are not alone, I had to use Yaml for some Swagger related work, hoping never to deal with it again.

I rather have my json, but preferably XML with schema validation, having the joy of auto-complete and proper documentation.

peterwwillis7y ago

anton_gogolev7y ago

I've been using HJSON lately and it's been a joy.

iceninenines7y ago· 4 in thread

Not another vendor-lock-in package manager. And, very predictably, no end-to-end integrity and nonrepudiation. smh.

peterwwillis7y ago

fwip7y ago

Which package manager do you feel gets it right?

jf7y ago

I’m not the OP but Nix/NixOS is the closest I’ve ever seen to a “Platonic ideal” package manager

rkeene27y ago

I think you'll like AppFS

http://AppFS.rkeene.org/

oblio7y ago

I really like their "volatile" decision. More package managers need to adopt it, in my opinion.

j / k navigate · click thread line to collapse